Security Through Boredom


Search Results for: seccomp


This is the first installment in a series on various sandboxing techniques that I’ve used in my own code to restrict an application's capabilities. You can find a shorter overview of these techniques here. This article will be discussing seccomp filters. What is Seccomp? An Introduction: System calls are your way of asking the kernel […]

The Chrome seccomp sandbox works by limiting Chrome’s access to system calls by including a whitelist at compile time. This feature is supported in all Linux kernels 3.5 and up, as well as some specific distros like Ubuntu. Chrome is one of a few programs to make use of this new sandbox but hopefully we […]

Chrome://sandbox has received an update reflecting the newly implemented Mode 2 seccomp filters, which are built on the Berkeley Packet Filter (BPF). To learn more about syscall and seccomp filtering, you can read this post and learn about Chrome’s new sandbox on Linux. Chrome’s seccomp sandbox is a powerful restriction on how Chrome can interact with the […]

The seccomp filters implemented in the 3.5 and Ubuntu kernels are really cool and I’m bored, so I want to write about them (hooray for having a blog.) I’m going to explain what seccomp filters actually do at as low a level as I feel comfortable. I’ll leave some stuff out and gloss over a […]

I was reading the scarybeast blog and he mentions that Chrome 20 now implements the seccomp filters for its Flash plugin. That means that Flash is now running in a chroot (separate file system) and namespace, and it has a whitelist of syscalls. This is a significant improvement. The thing about sandboxing is that you can only […]

Just a note, the 3.5 Linux kernel now includes support for Seccomp Mode 2 Filters. Seccomp is awesome. It reduces visible kernel attack surface and severely limits the ability for attackers to exploit the kernel, which would allow for privilege escalation. So, rejoice, because that’s really cool.

Just a short post to bring attention to seccomp mode 2 filters. There is not enough hype about this, probably because it’s not in the vanilla kernel yet (that I know of.) Seccomp filters let programs whitelist calls that they can make to the kernel. Whitelisting syscalls reduces kernel attack surface, which will prevent privilege […]

I’ve written a series of articles on various Linux sandboxing capabilities that developers can make use of to write their programs in a more secure fashion. If you’re interested, have a look. Here’s a link to all of the articles: Seccomp Filters: http://www.insanitybit.com/2014/09/08/3719/ Linux Capabilities: http://www.insanitybit.com/2014/09/08/sandboxing-linux-capabilities/ Chroot Sandbox: http://www.insanitybit.com/2014/09/08/sandboxing-chroot-sandbox/ Apparmor: http://www.insanitybit.com/2014/09/08/sandboxing-apparmor/ And here’s a link […]

In total I’ve written five methods for sandboxing code. These are certainly not the only methods but they’re mostly simple to use, and they’re what I’ve personally used. A large part of this sandboxing was only possible because I built the code to work this way. I split everything into privileged and unprivileged groups, and […]

Sandboxing: Apparmor This is the fifth installment in a series on various sandboxing techniques that I’ve used in my own code to restrict an application's capabilities. You can find a shorter overview of these techniques here. This article will be discussing sandboxing with Apparmor. Mandatory Access Control: Mandatory Access Control (MAC), like Discretionary Access Control […]